BT hits out at warchalkers

BT Openworld has thrown its weight behind the fight against 'Warchalking' - the practice of scrawling chalk marks on the outside of buildings with Wi-Fi networks to encourage passers by to surf on companies' unprotected bandwidth.

The UK ISP is warning of the dangers of operating insecure wireless local area networks, claiming that warchalking can encourage malicious hackers to break into corporate networks.

Because of this, the ISP has laid out suggested security measures which companies should take.

At the initial set-up phase of your WLAN, you should implement at least this basic security:
* Change the default SSID (Service Set ID or network name) and encryption keys.
* Filter MAC addresses at the access point to allow access to known users only.
* Enable WEP (Wired Equivalent Privacy - see below) at the highest level possible and change regularly.
* Limit folder/file sharing to the minimum with password protection.
* Install firewalls on all connected PCs.
* Install an updatable virus checker.

Around 40 percent of WLAN users do not modify original manufacturer default passwords and do not enable WEP. This is equivalent to leaving the front door wide open.

Service Set ID and Wired Equivalent Privacy are the two primary built-in security features within the 802.11b WLAN standard.

SSID is the method by which different roaming networks identify themselves. It is also used as a basic password without which the user cannot log onto the network. However, the access point can be configured to broadcast the SSID number - and this is often the case where users configure the equipment themselves. Broadcast should be turned off and default passwords changed.

The 802.11b standard WLAN also includes 40 and 64-bit encryption that decreases the likelihood of eavesdropping. WEP encryption allows the user four basic options from no encryption to an authentication and encryption solution, which prevents unauthorised access as well as encoding the data carried over the network.

Some equipment, such as that provided by Linksys / BT Openworld, allows 128-bit WEP encryption, which can be user defined. This offers a stronger, and therefore safer, cipher of the data on the WLAN. This is not an unbreakable barrier to professional hackers but does offer significant protection against script kiddies and drive by hacking. Furthermore, 128-bit WEP will probably delay any attack to such an extent that there is usually time for the intrusion to be detected. If you think your business may be targeted by 'professional' hackers with expensive equipment and unlimited time to spend in trying to access your network, then you may need to take additional security measures.

Click here to read BT's suggested Additional security measures, to protect your network from professional hackers: http://www.silicon.com/a55743

Click here to read the main story on BT's anti-warchalking stance: http://www.silicon.com/a55741